Defense Contractors See $$$ in Cyber Security

The profits of (conventional) war must not be as good as they used to be.

Lockheed Martin and Boeing have decided the next cash cow is cyber defense.

According to Bloomberg, both companies, “eager to capture a share of a market that may reach $11 billion in 2013,” have formed new business units to attract money that the U.S. government will be spending to secure U.S. government computers and, no doubt, to break the security of enemy computer systems.

The companies awoke to the money-making opportunity after President Bush signed a National Security Directive in January, which is commonly known as the Comprehensive National Cyber Security Initiative and is estimated will cost $30 billion or more to implement.

The initiative, which includes the creation of a National Cyber Security Center to be run by the Department of Homeland Security, has been criticized for its secrecy and the role that intelligence agencies may play in the plan. Critics fear the plan is a cover to give U.S. intelligence agencies the unfettered ability to monitor all traffic that passes through the internet.

The initiative has many parts, however, one of which is to secure government networks.

Despite an abundance of established computer security firms that already have experience securing networks, Boeing launched its cybersecurity division in August, followed by Lockheed in October.

Science Applications International Corporation (SAIC) also got in the game, as has Raytheon — though a Raytheon spokesman wanted Bloomberg to understand that it had been thinking about cashing in on cyber security longer than Boeing and Lockheed Martin were thinking about it. The company acquired its computer security expertise the old-fashioned way — by buying it. Raytheon purchased three computer network security firms (Oakley Networks, SI Government Solutions and Telemus Solutions Inc) in the last 18 months and says it plans to add 300 more security engineers to its stable in 2009.

It’s likely the others will be acquiring their expertise this way as well, which will only be good news for computer security firms that have been struggling to stay afloat the last few years when the government and private sector showed little interest in spending money to secure computer networks.

“The whole area of cyber is probably one of the faster-growing areas” of the U.S. budget, Linda Gooden, executive vice president of Lockheed’s Information Systems & Global Services unit, told Bloomberg. “It’s something that we’re very focused on. I expect there will be a significant focus” under Obama.

Lockheed hasn’t always been so focused on cyber security or had much of a track record in keeping its own systems secure.

Readers may recall that the defense contractor was the victim of a major cyber intrusion in 2003 dubbed Titan Rain. Both Lockheed and the Sandia National Laboratory that Lockheed managed were hit in the attack, resulting in thieves making off with Lockheed schematics and other proprietary and sensitive documents. A Sandia network security analyst named Shawn Carpenter discovered the intrusion and told his superiors, who wanted to keep the break-in quiet. In the interest of national security, Carpenter provided information about the attack to the FBI and was fired by Sandia — the standard reward for whistleblowers everywhere. Last year a jury awarded Carpenter $4.3 million in a wrongful termination suit.

Oh great.. Just what we need more massive groups who’s idea of “cyber security” is to fuck up things to the point where no one has any fucking clue whats going on. Note the italicized and bolded text.